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(54) RADIO COMMUNICATION DEVICE AND RADIO COMMUNICATION METHOD 



(57) The present invention alms to provide a mobile 
station (MS) 100 which can perform confidentiality 
processing and integrity processing on data layer 2 or 
upper, A confidentiality/integrity processing unit 40 is 
provided among a terminal IF unit 10, a radio commu- 
nication control unit 20, and a radio communication unit 
30. The confidentiality/integrity processing unit 40 per- 
forms only the confidentiality processing on transparent 
data such as speech data transferred between the ter- 



minal IF unit 10 and the radio communication unit 30. 
The confidentiality/integrity processing unit 40 performs 
the confidentiality processing or/and the integrity 
processing on non-transparent data transferred to/from 
the radio communication control unit 20. The confiden- 
tiality/integrity unit 40 selectively performs the confiden- 
tiality processing or the integrity processing on the data 
of layer 2 or upper output from the radio communication 
unit 30 based on the data kind. 
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Description 

Technical Field 

[0001] This Invention relates to a radio communica- 
tion apparatus and a radio communication method for 
devices such as a cellular phone. In particular, the in- 
vention relates to a cellular phone which perfomis data 
confidentiality and integrity processing. 

Background Art 

[0002] Fig. 24 shows a conventional cellular phone 
500. 

[0003] A terminal IF (interface) unit 51 0, a radio com- 
munication control unit 520 and a radio communication 
unit 530 are provided to the conventional cellular phone 
500. The temiinal IF unit 510 performs interface with a 
userof thecellularphone500. The radio communication 
control unit 520 performs communication control of the 
whole cellular phone, data conversion and data 
processing based on protocol. The radio communica- 
tion unit 530 modulates and demodulates data to enable 
radio communication. The radio communication unit 
530 supports the physical layer (layer 1), which is the 
lowermost layer of seven layers defined by OS I (Open 
Systems Interconnection). A confidentiality processing 
unit 540 is provided to the radio communication unit 530. 
The confidentiality processing unit 540 encrypts or de- 
crypts data of the physical layer to be processed by the 
radio communication unit 530. As the data sent/received 
by an antenna 541 is encrypted by providing the confi- 
dentiality processing unit 540, wiretappers are prevent- 
ed from obtaining any significant information unless the 
ecryption codes are broken. 

[0004] The conventional cellular phone 500 has the 
confidentiality processing unit 540 within the radio com- 
munication unit 530. Accordingly, the data to be proc- 
essed by the confidentiality processing unit 540 is stored 
in the physical layer (layer 1 ), At the physical layer, it Is 
impossible to discriminate data between user data and 
control data. Data sent/received by the cellular phone 
includes various kinds of data such as user data or sig- 
naling data, and it is required to perfomn data confiden- 
tiality processing based on the data kinds, or to ensure 
data integrity depending on the significance of the data. 
As shown in the conventional architecture, since the 
confidentiality processing unit 540 is provided to the lay- 
er 1, the data cannot be perfonned the confidentiality 
processing northe integrity processing based on the da- 
ta kind because it Is Impossible to discriminate the data 
kinds at the layer 1 . 

[0005] A preferred embodiment of the present inven- 
tion aims to obtain a radio communication apparatus 
and a radio communication method performing confi- 
dentiality processing and the integrity processing of data 
based on the data kind. 

[0006] Further, another objective of the preferred em- 



bodiment of the present invention is to obtain the radio 
communication apparatus and the radio communication 
method performing the data confidentiality processing 
and the data integrity processing at a higher layer equal 
5 to or greater than layer 2 (data link layer) of the seven 
layer of the OSI. 

[0007] Further, another objective of the preferred em- 
bodiment of the present invention is to obtain the radio 
communication apparatus and the radio communication 

10 method selectively perfomning both of or either of the 
confidentiality processing of data and the integrity 
processing based on the data kind. 
[0008] Further, another objective of the preferred em- 
bodiment of the present invention Is to obtain the radio 

15 communication apparatus and the radio communication 
method performing data confidentiality/integrity 
processing for each channel in case the radio commu- 
nication apparatus has multiple channels. 
[0009] Further another objective of the preferred em- 

20 bodiment of the present invention is to obtain the radio 
communication apparatus and the radio communication 
method which selectively performs either confidentiality 
or integrity processing on the data by discriminating be- 
tween transparent and non -transparent data through a 

25 certain layer or a sub-layer. 

Disclosure of the Invention 

[0010] A radio communication apparatus according to 
30 the invention includes: 

a terminal interface unit for inputting data; 
a radio communication control unit for inputting the 
data Input by the terminal interface unit, for process- 
es ing the data based on protocol, and outputting the 

data; 

a confidentiality/integrity processing unit for input- 
ting a control signal and data from the radio com- 
munication control unit, perfomiing at least one of 
40 encryption of the data as confidentiality processing 
and generation of a message authentication code 
for detecting tampered data as integrity processing 
on the data input, and outputting the data processed 
to the radio communication control unit; and 
a radio communication unit for inputting, modulat- 
ing, and sending the data output from the radio com- 
munication control unit. 

[001 1 ] The confidentiality/integrity processing unit in- 
50 puts the control signal from the radio communication 
control unit and selectively inputs the data from the ter- 
minal interface unit based on the control signal input, 
and 

the confidentiality/integrity processing unit per- 
55 fomns confidentiality processing on the data input and 
outputs the data which has been perfonned confidenti- 
ality processing to the radio communication unit. 
[001 2] The terminal interface unit outputs transparent 
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data and non-transparent data, and 

the radio communication control unit inputs the non- 
transparent data from the terminal interface unit, 
makes the confidentiality/integrity processing unit s 
process the non-transparent data based on proto- 
col, and 

the radio communication control unit controls the 
transparent data to be transferred from the terminal 
interface unit to the confidentiality/integrity process- io 
Ing unit to perfomn the confidentiality processing. 

[0013] The confidentiality/integrity processing unit is 
connected to the radio communication control unit via 
parallel interface. is 
[0014] The confidentiality/integrity processing unit is 
connected to the terminal interface unit with serial inter- 
face and connected to the radio communication unit with 
serial interface. 

[0015] The confidentiality/integrity processing unit 20 
further includes: 

a confidentiality processing unit including an en- 
crypting unit for encrypting the data input; and 
an integrity processing unit having a message au- 25 
thentication code appending unit for appending a 
message authentication code to the data Input. 

[001 6] The confidentiality/integrity processing unit in- 
cludes multiple encrypting units. 30 
[0017] The confidentiality/integrity processing unit in- 
cludes multiple message authentication code append- 
ing units. 

[0018] The confidentiality processing unit and the in- 
tegrity processing unit fomi one module which Inputs the 35 

control signal and the data from the radio communica- 
tion control unit, and the module performs at least one 
of the confidentiality processing and the integrity 
processing on the data input based on the control signal 
input. 40 
[0019] A radio communication apparatus according to 
the invention includes: 



essed from the radio communication control unit 
and outputting the data. 

[0020] The confidentiality/integrity processing unit in> 
puts the control signal from the radio communication 
control unit and selectively Inputs the data from the radio 
communication unit based on the control signal input, 
and 

the confidentiality/integrity processing unit per- 
forms the confidentiality processing on the data input 
and outputs the data processed to the terminal Interface 
unit. 

[0021] The radio communication unit outputs trans- 
parent data and non-transparent data, 

the radio communication control unit inputs the non- 
transparent data from the radio communication unit 
and makes the confidentiality/integrity processing 
unit process the non-transparent data based on 

protocol, and 

the radio communication control unit controls the 
transparent data to be transferred from the radio 
communication unit to the confidentiality/integrity 
processing unit to perform the confidentiality 

processing. 

[0022] The confidentiality/Integrity processing unit is 
connected to the radio communication control unit with 
a parallel interface. 

[0023] The confidentiality/integrity processing unit is 
connected to the tenninal interface unit with a serial in- 
terface, and connected to the radio communication unit 
with a serial interface. 

[0024] The confidentiality/integrity processing unit in- 
cludes: 

a confidentiality processing unit having a decrypting 
unit for decrypting the data Input; and 
an integrity processing unit having an integrity ver- 
ification unit for verifying an integrity of the data in- 
put using a message authentication code appended 
to the data input. 



a radio communication unit for receiving and de- 
modulating data; 45 
a radio communication control unit for inputting data 
demodulated by the radio communication unit, 
processing the data based on protocol, and output- 
ting the data processed; 

a confidentiality/Integrity processing unit for Input- 50 
ting a control signal and the data from the radio 
communication control unit, based on the control 
signal input performing at least one of confidentiality 
processing of decrypting the data and integrity 
processing of detecting tampered data, and output- ss 
ting the data processed to the radio communication 
control unit; and 

a tenninal interface unit for inputting the data proc- 



[0025] The confidentiality processing unit includes 
multiple decrypting units. 

[0026] The integrity processing unit includes multiple 
integrity verification units, 

[0027] The confidentiality processing unit and the in- 
tegrity processing unit form one module which Inputs the 
control signal and the data from the radio communica- 
tion control unit, and wherein the module, based on the 
control signal input, performs at least one of processes 
of the confidentiality processing unit and the integrity 
processing unit on the data input. 
[0028] A radio communication apparatus for wireless 
data communication according to the Invention in- 
cludes: 
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a terminal interface unit for data input/output; 
a radio communication control unit for processing 
the data based on protocol; 
a radio communication unit for wireless data com- 
munication; 

a confidentiality/integrity processing unit, provided 
among the temiinal interface unit, the radio commu- 
nication control unit, and the radio communication 
unit, which performs at least one of confidentiality 
processing for encrypting/decrypting data and In- 
tegrity processing for detecting tampered data on 
the data Input/output from/to the radio communica- 
tion control unit, encrypts the data from the terminal 
interface unit to the radio communication unit, and 
decrypts the data from the radio communication unit 
to the temiinal interface unit. 

[0029] The confidentiality/Integrity processing unit In- 
cludes a confidentiality processing unit for performing a 
confidentiality processing on the data input, and an In- 
tegrity processing unit for perfonning an Integrity 
processing on the data input, separately. 
[0030] The confidentiality processing unit separately 
includes an encrypting unit for encrypting the data from 
the temiinal Interface unit to the radio communication 
unit, and a decrypting unit for decrypting the data from 
the radio communication unit to the terminal interface 
unit. 

[0031] The integrity processing unit separately in- 
cludes a message authentication code appending unit 
for appending a message authentication code to the da- 
ta input for performing an integrity verifying process, and 
an Integrity verification unit for verifying an integrity of 
the data input using the message authentication code 
appended to the data input. 

[0032] The communication apparatus is a portable 

mobile phone. 

[0033] The confidentiality processing unit and the In- 
tegrity processing unit employ same encryption algo- 
rithm. 

[0034] The confidentiality processing unit and the in- 
tegrity processing unit employ same encryption algo- 
rithm. 

[0035] The confidentiality processing unit and the In- 
tegrity processing unit employ same encryption algo- 
rithm. 

[0036] The communication apparatus is a cellular 
phone. 

[0037] The radio communication apparatus is a cellu- 
lar phone. 

[0038] The communication apparatus is a cellular 
phone. 

[0039] The radio communication apparatus is a radio 
station for sending/receiving data to/from a mobile sta- 
tion. 

[0040] The radio communication apparatus is a radio 
station for sending/receiving data to/from a mobile sta- 
tion. 



[0041] The radio communication apparatus is a radio 
station for sending/receiving data to/from a mobile sta- 
tion. 

[0042] The radio station is either of a base transceiver 
5 station and a radio network controller. 

[0043] The radio station is either of a base transceiver 

station and a radio network controller. 

[0044] The radio station is either of a base transceiver 

station and a radio network controller. 
10 [0045] A radio communication method according to 

the Invention Includes: 

a temiinal interface step for inputting data; 
a radio communication control step for inputting the 
15 data input by the terminal interface step and for 
processing the data based on protocol and output- 
ting the data; 

a confidentiality/integrity processing step for input- 
ting a control signal and data from the radio com- 

20 munication step, performing at least one of encryp- 
tion of the data as confidentiality processing and 
generation of a message authentication code for 
detecting tampered data as integrity processing on 
the data input, and outputting the data processed 

25 to the radio communication control step; and 

a radio communication step for inputting, modulat- 
ing, and sending the data output from the radio com- 
munication control step. 

30 [0046] A radio communication method according to 
the invention includes: 

a radio communication step for receiving and de- 
modulating data; 
35 a radio communication control step for inputting da- 
ta demodulated by the radio communication step, 
processing the data based on protocol, and output- 
ting the data processed; 

a confidentiality/integrity processing step for input- 
40 ting a control signal and the data from the radio 
communication control step, based on the control 
signal input performing at least one of confidentiality 
processing of decrypting the data and integrity 
processing of detecting tampered data, and output- 
45 ting the data processed to the radio communication 
control step; and 

a terminal interface step for Inputting the data proc- 
essed from the radio communication control step 
and outputting the data. 

50 

[0047] A radio communication method for wireless 
data communication according to the invention in- 
cludes: 

55 a tenninal interface step for data input/output; 

a radio communication control step for data 

processing based on protocol; 

a radio communication step for wireless data com- 
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munication; and 

a confidentiality/integrity processing step, provided 
among the tennlnal interface step, the radio com- 
munication control step, and the radio communica- 
tion step, and which performs at least one of confi- 
dentiality processing for encrypting/decrypting data 
and integrity processing for detecting tampered da- 
ta on the data input/output from/to the radio com- 
munication controi step, encrypts the data trans- 
ferred from the terminal interface step to the radio 
communication step, and decrypts the data trans- 
ferred from the radio communication step to the ter- 
minal interface step. 

Brief Explanation of the Drawings 

[0048] Fig. 1 shows a configuration of a mobile com- 
munication system. 

[0049] Fig. 2 shows a configuration of a radio network 
controller (RNC) 120. 

[0050] Fig. 3 shows a configuration of a mobile station 
(MS) 1 GO according to the first embodiment. 
[0051] Fig. 4 shows a configuration of a confidential- 
ity/integrity processing unit 40 according to the first em- 
bodiment. 

[0052] Fig. 5 shows a configuration of a confidential- 
ity/integrity processing unit 40 according to the first em- 
bodiment. 

[0053] Fig. 6 shows a configuration of a confidential- 
ity/integrity processing unit 40 according to the first em- 
bodiment. 

[0054] Fig. 7 shows a configuration of a confidential- 
ity/integrity processing unit 40 according to the first em- 
bodiment. 

[0055] Fig. 8 shows a configuration of a confidential- 
ity/integrity processing unit 40 according to the first em- 
bodiment. 

[0056] Fig. 9 shows a configuration of a mobile station 
(MS) 100 according to the second embodiment. 
[0057] Fig. 10 shows a configuration of a confidenti- 
ality/integrity processing unit 40 according to the second 
embodiment. 

[0058] Fig. 11 shows a configuration of a confidenti- 
ality/integrity processing unit 40 according to the second 
embodiment. 

[0059] Fig. 12 shows an example of encrypting/de- 
crypting systems. 

[0060] Fig. 13 shows a configuration of a confidenti- 
ality/integrity processing unit 40 according to the second 
embodiment. 

[0061] Fig. 14 is an iilustration shown in ARIB STD- 
T63 33.102,3G Security; Security Architecture, Section 
6.3. 

[0062] Fig. 15 is an illustration shown in ARIB STD- 
T63 33.102,3G Secuity; Security Architecture, Figure 
16b. 

[0063] Fig. 16 is an Illustration shown in ARIB STD- 
T63 33.102,3G Security; Security Architecture, Figure 



16. 

[0064] Fig. 1 7 shows a configuration of an encrypting 
module 51 (or a decrypting module 71 ) employed within 
a encrypting/decrypting 421 . 
5 [0065] Fig. 18 shows an installing form of the confi- 
dentiality/Integrity processing unit 40. 
[0066] Fig. 19 shows a case in which the confidenti- 
ality/integrity processing unit 40 is implemented by soft- 
ware. 

10 [0067] Fig. 20 shows a mechanism for calling cipher 
program 47 by an application program executed In a ra- 
dio communication control unit 20. 
[0068] Fig. 21 shows a concrete example of data 92, 
93 in case of RLC non-transparent mode. 

15 [0069] Fig. 22 shows a concrete example of voice da- 
ta as one example of transparent data 95, 96. 
[0070] Fig. 23 shows a concrete example of unre- 
stricted digital data as one example of transparent data 
95, 96. 

20 [0071] Fig. 24 shows a conventional cellular phone 
500. 

Preferred Embodiment of Carrying Out the Invention 

25 Embodiment 1 . 

[0072] Fig. 1 shows a general configuration of a mo- 
bile communication system according to this embodi- 
ment. 

30 [0073] A mobile station (MS) is one example of the 
radio communication apparatus according to the inven- 
tion. The mobile station (MS) 1 00 is, for example, a cel- 
lular phone. The mobile station (MS) 100 is connected 
to a base transceiver station (BTS) 1 1 0 by radio. The 

35 base transceiver station (BTS) 1 1 0 is connected to a ra- 
dio network controller (RNC) 120. The radio network 
controller (RNC) 120 is connected to another radio net- 
work controller (RNC) 1 20. The radio network controller 
(RNC) 120 is also connected to a core network (CN) 

40 130, and further connected to another radio network 
controller (RNC) 120 via the core network (CN) 130. 
One or both of the base transceiver station (BTS) 110 
and the radio network controller (RNC) 120 can be re- 
ferred to as a radio station. 

45 [0074] Fig. 2 shows a configuration of the same mo- 
bile communication system as shown in Fig. 1. In par- 
ticular, the figure shows the internal configuration of the 
radio network controller (RNC) 120. 
[0075] A BTS IF unit 121 connects the base transceiv- 

50 er station (BTS) 110. A handover control unit 122 con- 
trols handover in case the mobile station (MS) 100 
moves between the base transceiver stations (BTS) 
110. 

[0076] A signal control unit 1 23 for MS perf onns radio 
55 communication control and data confidentiality/integrity 
processing while communicating with the mobile station 
(MS) 100. The following confidentiality/integrity 
processing of the mobile station (MS) 100 is performed 
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corresponding to the confidentiality/integrity processing 
of the signal control unit 123 for MS. Namely, data en- 
crypted by the mobile station (MS) 1 00 is decrypted by 
the signal control unit 123 for MS. In reverse, the data 
encrypted In the signal control unit 123 for MS is de- 
crypted in the mobile station (MS) 100. An authentica- 
tion code appended by the mobile station (MS) 100 to 
ensure the integrity of data is checked by the signal con- 
trol unit 123 for MS. In reverse, the authentication code 
appended by the signal control unit 1 23 for MS to ensure 
the integrity of data is checked by the mobile station 
(MS) 1 00. The data confidentiality processing or the da- 
ta integrity processing is perfonned at the second layer 
of the seven layers, that is, layer 2 (data link layer). A 
CN IF unit 124 interfaces with the core network (CN) 
130. 

[0077] A RNC IF unit 125 interfaces with another radio 
network controller (RNC) 120. A signal control unit 126 
for CN performs control with a core network (CN) 130. 
A signal control unit 127 for RNC performs control with 
another radio network controller (RNC) 120. A control 
unit 128 controls the whole radio network controller 
(RNC) 120. A switch 129 switches control signals and 
packet data based on the control performance of the 
control unit 128 among the radio station (BTS) 110, the 
radio network controller (RNC) 120 and the core net- 
work (CN) 1 30. Namely the switch 1 29 switches not on- 
ly the packet data, but alt data kinds such as speech 
data, and further the switch 129 also switches the con- 
trol signals. 

[0078] Fig. 3 shows a configuration of the mobile sta- 
tion (MS) 100. 

[0079] The mobile station (MS) 1 00 includes a termi- 
nal IF unit 10, a radio communication control unit 20, a 
radio communication unit 30 and a confidentiality/integ- 
rity processing unit 40. A camera 1 , a video 2, B/T (Blue 
Tooth) 3, an LCD 4, a KEY 5, an LED 6, a USIM (Uni- 
versal Subscriber Identity Module) 7, a RECEIVER 8, a 
MIC 9, and an HSJ (Head Set Jack) 0 are connected to 
the tenninal IF unit 10. These devices of the camera 1 
through the HSJ 0 perform interface processing with a 
user (a person) or a device to be connected, and the 
devices input or output information which can be recog- 
nized by the user (person) or the device to be connect- 
ed. 

[0080] The tenninal IF unit 10 includes a module IF 
unit 11 for each module, a data format converter 12, a 
terminal IF control unit 13, and a speech encoding/de- 
coding unit 14. The module IF unit 11 for each module 
interfaces with each of the devices of the camera 1 
through the HSJ 0. The data format converter 12 con- 
verts the data formats processed by the devices of the 
camera 1 through the HSJ 0 to/from the data formats 
processed inside the mobile station (MS) 100. The ter- 
minal IF control unit 13 controls the operation of the ter- 
minal IF unit 1 0. The speech encoding/decoding unit 1 4 
encodes speech electric signals input by the MIC 9 into 
speech code. Further, the speech encoding/decoding 



unit 14 decodes the encoded signals to output the 
speech electric signals to the RECEIVER 8. 
[0081] The radio communication control unit 20 con- 
trols the whole mobile station (MS) 1 00. The radio com- 

5 munication control unit 20 is provided with a hardware 
circuit including a CPU, a ROM, a RAM. a firmware, and 
the like, or software module. The radio communication 
control unit 20 processes data between the terminal IF 
unit 10 and the radio communication unit 30. The radio 

10 communication control unit 20 converts data based on 
njles defined by the standard or the protocol. In partic- 
ular, the radio communication control unit 20 processes 
data of layer 2 or upper levels of layer, by such functions 
as packeting or concatenating the data. The radio com- 

15 munication control unit 20 can discriminate the data 
kind, because the radio communication control unit 20 
processes the data of layer 2 or upper. Accordingly, the 
radio communication control unit 20 can judge if certain 
data should undergo the confidentiality processing or 

20 the integrity processing based on the data kind. It is im- 
possible to discriminate the data kind at the layer 1 , and 
therefore it is impossible to judge whether the data 
should be pertonned the confidentiality processing or 
the Integrity processing. 

25 [0082] The radio communication unit 30 is provided 
with a channel encoding unit 31 0, a baseband modulat- 
ing/demodulating unit 320, a radio unit 330, and an an- 
tenna 34. The channel encoding unit 310 includes en- 
coding units and decoding units for respective channels. 

30 The encoding unit includes an error detection encoding 
unit 311, an error correction encoding unit 312, and a 
physical format converter 313. Further, the decoding 
unit includes a physical fomriat converter 314, an error 
con-ection decoding unit 31 5, and an error detection unit 

35 316. The baseband modulating/demodulating (MO- 
DEM) unit 320 modulates and demodulates the band. 
The baseband modulating/demodulating unit 320 in- 
cludes a baseband modulator 321 and a baseband de- 
modulator 322. The radio unit 330 converts the base- 

40 band signals into transmission spectrum, or reverse the 
conversion. The radio unit 330 includes an up-converter 
331 and a down-converter 332. 
[0083] The confidentiality/integrity processing unit 40 
is connected to the radio communication unit 20. The 

45 confidentiality/Integrity processing unit 40 receives data 
from the radio communication control unit 20 and per- 
forms the data confidentiality processing. Further, the 
confidentiality/integrity processing unit 40 ensures the 
integrity of the data. The confidentiality/integrity 

50 processing unit 40 inputs a control signal 91 from the 
radio communication control unit 20 for the data confi- 
dentiality/integrity processing. Further, the confidential- 
ity/integrity processing unit 40 inputs data 92 of an ar- 
bitrary layer of 2 or upper levels of layer as the process- 
es ing data of the confidentiality processing and/or data 92 
of an arbitrary layer of 2 or upper levels of layer as the 
processing data of the integrity processing from the ra- 
dio communication control unit 20. The confidentiality/ 
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integrity processing unit 40 perfomns the confidentiality 
processing and/or the integrity processing of the data 
92 based on the input control signal 91 to output to the 
radio communication control unit 20. The control signal 
91 includes parameters such as a key, an initial value, s 
selection between the confidentiality processing and the 
integrity processing. 

[0084] Fig. 4 shows a configuration of the confidenti- 
ality/integrity processing unit 40. 

[0085] The confidentiality/Integrity processing unit 40 io 
includes an IF unit 41 0 and a module 41 1 . The module 
411 perfonns the confidentiality processing and the in- 
tegrity processing within the same circuit or using the 
same algorithm. The selection between the confidenti- 
ality processing and the integrity processing is deter- ^5 
mined by the control signal 91 . 
[0086] Mere, the confidentiality processing means en- 
crypting or decrypting the data. Further, the integrity 
processing means detecting data tampering by append- 
ing authentication codes to the data or reproducing and 20 
comparing the authentication codes. 
[0087] The confidentiality processing and the integrity 
processing can be performed by the same circuit or al- 
gorithm, or by a similar circuit or a similar module. Ac- 
cordingly, as shown in Fig. 4, the confidentiality process- 25 
ing and the Integrity processing can be perfomned by a 
single module 41 1 . In case of Fig. 4, It is possible to re- 
duce the hardware resource and the software resource. 
Hereinafter, a "module" refers to the ones implemented 
either by hardware or software only, or by combining the 30 
both tools. 

[0088] Here, concrete examples of the confidentiality 
processing and the integrity processing used for the cel- 
lular phone will be explained. 

[0089] Fig. 14 is a figure shown in ARIB STD-T63 35 

33.102,3G Security; Security Architecture, Section 6.3. 
[0090] Fig. 15 is a figure shown in ARIB STD-T63 
33.1 02, 3G Security; Security Architecture, Figure 16b. 
[0091] Fig. 16 is a figure shown in ARIB STD-T63 
33.102,3G Security; Security Architecture, Figure 16. 40 
[0092] Fig. 1 4 shows an encrypting method on the ra- 
dio line. Signs shown in Fig. 14 mean the following: 

CK: cipher key (encryption key) 

F8: function for data confidentiality processing 45 

IK: integrity key (message authentication key) 
F9: function for data integrity processing 

[0093] Cellular phone carriers implement authentica- 
tion using functions f1 through f5. The 128-bit encryption so 

keys called CK and IK generated through this authenti- 
cation process are transferred to the function for data 
confidentiality processing (fS) and the function for data 
integrity processing (f9). 

[0094] Fig. 1 5 shows an encrypting method on the ra- ss 
dio line. The signs shown In Fig. 1 5 mean the following: 

f8: function for data confidentiality processing 



CK: cipher key (encryption key) 
MESSAGE: plaintext data which a sender wants to 
send to a receiver such as user data and signal in- 
formation before encryption 
COUNT-C: numeral value data showing the accu- 
mulated number of transmission/reception, incre- 
mented by 1 at each session. 
BEARER: bit for identifying logical channel 
DIRECTION: bit for discriminating the direction of 
transmission of ciphertext 
LENGTH: bit length of MESSAGE or ciphertext data 

[0095] As shown in Fig. 15, encryption/decryption of 
the data is performed based on a random number se- 
quence generated by the function f8 for data confiden- 
tiality processing. 

[0096] Fig. 16 shows a method for generating mes- 
sage authentication code. Signs shown In Fig. 16 mean 
the following: 

f9: function for data integrity processing 
IK: integrity key (message authenticating key) 
COUNT-I : numeral value data showing the accumu- 
lated number of transmission/reception, increment- 
ed by 1 at each session 

MESSAGE: plaintext data which a sender wants to 

send to a receiver such as user data and signal in- 

fonmation before encryption 

DIRECTION: bit for discriminating the direction of 

transmission 

FRESH: random number generated for each user 
MAC-l: message authentication code for integrity 
(message authentication code computed by the 
sender) 

XMAC-I: expected message authentication code 
for integrity (message authentication code comput- 
ed by the receiver) 

[0097] As shown in Fig. 16, the integrity of the data 
can be checked by comparing two message authentica- 
tion codes at the receiver side. 
[0098] In the following, the operation will be ex- 
plained. 

[0099] To perfomri ciphered communication between 
the temiinal and the network within the radio network, 
authentication process Is required, in which one partner 
confirms the other is a proper partner, or both partners 
mutually confirm the other is proper before sending/re- 
ceiving data between the two partners. 
[01 00] As shown in Fig. 1 4, during a series of authen- 
tication processes, both the tenninal and the network 
use five functions named functions f1 through fS. In par- 
allel with the authentication process, the function gen- 
erates a cipher key (CK) of 128 bits and a message au- 
thentication key (Integrity key, IK) at both the terminal 
and the network. 

[01 01] The two keys can be shared exclusively by the 
tenninal and the network which have been mutually au- 
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thenticated, and the two keys are used within the two 
functions f8 and f9 described below. The two keys vary 
for each communication session, and further, there are 
no patterns among keys generated. Then, the keys are 
discarded when the communication is over. 5 
[0102] The mechanism (protocol) required for this au- 
thentication process is standardized. However, as the 
functions of f 1 to f5 are not standardized, operators de- 
cide these functions independently. 
[0103] The data security after authentication process- 
ing is maintained by the data confidentiality and integrity 
processing techniques. 

[0104] The first, data confidentiality technique is ap- 
plied to encrypt the user data and the signal infonnation 
including speech transferred on the radio network, and 
for preventing wiretapping. To Implement this data con- 
fidentiality processing, a function called data confiden- 
tiality function (hereinafter, referred to as fS) is em- 
ployed. 

[0105] In the case of communicating data which has 
undergone confidentiality processing as shown in Fig. 
15, the sender uses the encryption key (CK) generated 
at authentication process. Further, a random number 
sequence is generated by Inputting a bit length 
(LENGTH) of the target data for encryption/decryption, 
an up/down link (DIRECTION), a counter (COUNT-C), 
a logic channel identifier (BEARER) to fS. 
[0106] Here, the up/down link means those distin- 
guishing bits which Indicates the transmission direction 
of ciphertext data between a terminal and a base station. 
Further, the counter Is data showing the number of ac- 
cumulated times of sending/receiving data. At each 
sending/receiving the data, a fixed value is added to the 
counter. The counter is used for preventing an attack 
which tries to send the ciphertext data that has been 
sent previously. Yet further, the logic channel identifier 
means a bit for identifying a logical channel performing 
encryption. 

[0107] Ciphertext data Is generated by XORing the 
random number sequence generated above and the da- 
ta/signal information to be encrypted and sent to the re- 
ceiver. 

[0108] The parameters except CK are sent from the 
sender to the receiver without encryption. It Is unneces- 
sary to send CK because the same parameter Is gener- 
ated at the receiver side at authentication process. 
[0109] Even if the parameters other than CK are ob- 
tained by the third party, the security of the original mes- 
sage can be kept, as the random number sequence re- 
quired to decrypt the ciphertext data cannot be gener- 
ated as long as CK remains secret. 
[0110] At the receiver side, the random number se- 
quence is generated using the received parameters and 
CK which has been already obtained, the random 
number sequence is XORed with the ciphertext data re- 
ceived to decrypt Into the original message. 
[0111] This method is a variation of OFB (output feed- 
back) mode, which Is one of the modes utilizing the block 



cipher defined by ISO/IEC10116. In OFB mode, even If 
noise generated on the transmission paths is mixed In 
the ciphertext data, the decode processing can prevent 
the noise part from Increasing. For this reason, this 
mode is often adopted for radio voice communication. 
[01 12] The second technique for keeping the security 
of data is data integrity technique, which detects tam- 
pering in the signal Information by appending a mes- 
sage authentication code (message authentication 
code) to the signal Information on the radio communi- 
cation line. This is also called message authentication 
technique. To implement this data integrity technique, a 
function for data integrity (hereinafter, referred to as f9) 
is used. The same encryption algorithm as F8 is em- 
ployed In the core part of f9. 

[0113] First, on authentication, the message authen- 
tication key (IK) is derived from the function f4 for gen- 
erating the message authentication key, and the mes- 
sage authentication key is transferred to f9. As shown 
in Fig. 16, a message authentication code (MAC-I or 
XMAC-I) is generated by Inputting the data (MES- 
SAGE), the up/down link (DIRECTION), the counter 
(COUNT-C), the random number (FRESH) generated 
for each user as well as the message authentication key. 
[01 1 4] These parameters are also sent to the receiver 
by using an area of data format which is not encrypted 
by the sender. Even If the parameters are obtained by 
the third party, the confidentiality of the data can be kept 
as long as the message authentication key (IK) is kept 
secret, which Is the same as the case of data confiden- 
tiality. 

[01 1 5] The sender sends the data with appending this 
message authentication code (l\^AC-l) appended to the 
receiver. The receiver, similarly, computes the message 
authentication code (XMAC-I) by using f9. It can be con- 
finned there is no tampering by comparing MAC-I and 
XMAC-I to find them identical. 

[0116] Here, the following shows some examples of 
subsequent process In case of tamper detection: 

(1) Request the retransmission of the data and 
check if the received message authentication code 
is proper or not. 

(2) Disconnect the connection in case of consecu- 
tive tamper detection. 

[0117] According to 3GPP specification (for more in- 
formation, access http://www.3gpp.org/About_3GPP/ 
3gpp.htm), the encryption/decryption module has the 
function to encrypt the Input plaintext data (data to be 
encrypted) Into the ciphertext data (encrypted data) and 
output the ciphertext data, and the function to decrypt 
the ciphertext data into the plaintext data and output the 
plaintext data. Assuming the embodiment is compliant 
to the 3GPP specification, the above COUNT/BERAR- 
ER/DIRECTlON/CK/LENGTHcon-espond to the control 
signal 91 shown in Fig. 3 as concrete examples. 
[01 1 8] Further, as for concrete examples of the data 
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92 and 93 shown in Fig. 3, for example, "MACSDU" or 
"RLCPDU (datapart)" corresponds as shown in Fig. 21. 
Here, "RLCSDU (datapart)" is a part of RLCPDU, from 
which the upper 1 Oct or 2 Octs (1 byte or 2 bytes) Is 
deleted (the part of "DATA FOR CIPHERING" shown In 5 
Fig. 21). "MACSDU" or "RLCPDU (datapart)" Is an ex- 
ample of MESSAGE shown in Fig. 1 5. Yet further. MAC- 
SDU denotes Media Access Control Service Data Unit. 
RLCPDU denotes Radio Link Control Protocol Data 
Unit. Each message within the message flow Is struc- 
tured from RLCPDU at the layer 3 after deleting RLC 
header. 

[0119] Although RLCPDU has 1-Oct or 2-Oct part 

which is not subjected to confidentiality processing, all 
of the RLCPDU Is input to the confidentiality/integrity 
processing unit 40 and the unit opt not to perform con- 
fidentiality/integrity processing on the 1-Oct or 2-Oct 
part. This is in order to reduce the load of the radio com- 
munication control unit 20 wherein the load Is generated 
by shifting 1 Oct or 2 Oct for removing the excluded part 
of 1 Oct or 2 Oct from the all data unit (RLCPDU). 
[01 20] Fig. 5 shows another example of the confiden- 
tiality/integrity processing unit 40. 
[0121] As featured in Fig. 5, a confidentiality process- 
ing unit 420 and an integrity processing unit 430 are pro- 
vided separately. Inside the confidentiality processing 
unit 420, an encrypting/decrypting unit 421 is provided. 
Inside the integrity processing unit 430, a message au- 
thentication code appending/integrity verification unit 
431 is provided. The enrypting/decryptlng unit 421 
shows a case in which the encryption and the decryption 
are perfonned using an identical module. The message 
authentication code appending/Integrity verification unit 
431 shows a case in which appending the message au- 
thentication code and verifying the Integrity are per- 
formed using an identical module. A case shown in Fig. 
5 is a configuration in which the encryption and the de- 
cryption are perfomried by the same function or append- 
ing the message authentication code and verifying the 
Integrity are perfonned by the same function. Compared 
with Fig. 6, it is possible to reduce the hardware re- 
source and the software resource within the case of Fig. 
5. 

[0122] Fig. 6 shows another example of the confiden- 
tiality/Integrity processing unit 40. 
[0123] As featured in Fig. 6, inside the confidentiality 
processing unit 420, an encrypting unit 422 and a de- 
crypting unit 423 are provided separately. Further, inside 
the integrity processing unit 430, a message authenti- 
cation code appending unit 432 and an Integrity verifi- 
cation unit 433 are provided separately. A case shown 
in Fig. 6 is a configuration in which the encryption and 
the decryption are performed by different functions or 
appending the message authentication code and veri- 
fying the integrity are performed by different functions. 
It is possible to respectively perfonn encrypting, de- 
crypting, appending the message authentication code, 
verifying the integrity, and further the data confidentiality 



processing or the integrity processing can be simulta- 
neously performed in parallel on sent/received data. Ac- 
cordingly, the high speed processing can be done. 
[0124] Fig. 7 shows a case in which multiple encrypt- 
ing units 422 and multiple decrypting units 423 are pro- 
vided in the confidentiality processing unit 420. Further, 
as shown in the figure, multiple message authentication 
code appending units 432 and multiple integrity verifi- 
cation units 433 are provided in the integrity processing 
unit 430. While the mobile station (MS) 1 00 is operating, 
there may be a case in which data in multiple channels 
should be processed at the same time. For example, 
when two kinds of data such as speech data and fac- 
simile data are simultaneously transferred, data of at 
least two channels should be simultaneously proc- 
essed. In such a case, the speech data can be encrypt- 
ed by the encrypting unit 1 , and the facsimile data can 
be encrypted by the encrypting unit 2. Further, in case 
of decryption, data on multiple channels can be decrypt- 
ed simultaneously. It is not necessary to have the same 
number (n in case of Fig. 7) of the encrypting units 422, 
the decrypting units 423, the message authentication 
code appending units 432, and the integrity verification 
units 433. The number of each units can be detemnined 
according to the number of channels to be processed 
simultaneously by the mobile station (MS) 100. In an- 
other way, the above units do not correspond to each 
channel, but when a certain channel needs to process 
a large amount of data at a high speed, it is possible to 
make two encrypting units process the large amount of 
data assigned to the channel. Namely, the number of 
each unit such as the encrypting unit 422, the decrypting 
unit 423, the message authentication code appending 
unit 432, and the integrity verification unit 433 can be 
detemnined according to the number of channels to be 
processed simultaneously and/or amount of data. 
[01 25] Further the maximum number of the encrypt- 
ing units 422 and the maximum number of the decrypt- 
ing units 423 can be different. 

[0126] Further the maximum number of the message 
authentication code appending units 432 and the max- 
imum number of the Integrity verification units 433 can 
be different. 

[01 27] Fig. 8 shows the case in which the confidenti- 
ality processing unit 420 is provided with multiple en- 
crypting/decrypting units 421 . Further, as shown in the 
figure, the integrity processing unit 430 is provided with 
multiple message authentication code appending/integ- 
rity verification units 431 . 

[0128] In Fig. 8, the encrypting/decrypting unit 421 
and the message authentication code appending/integ- 
rity verification unit 431 shown in Fig. 5 are respectively 
made multiple. In case of Fig. 8, when the encryption 
and the decryption are performed using the same func- 
tion, multiple encrypting/decrypting units 421 are pro- 
vided corresponding to multiple channels. Similarly, 
when the message authentication code appending and 
the integrity verification are perfomried using the same 
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function, nnultipie message authentication code ap- 
pending/integrity verification units 431 are provided cor- 
responding to multiple channels. Compared with the 
case shown In Fig. 7, the configuration of Fig. 8 can re- 
duce the hardware resource and the software resource. 
[0129] In cases shown in Figs. 4 through 8, the con- 
fidentiality/Integrity processing unit 40 includes both the 
confidentiality processing unit 420 and the integrity 
processing unit 430. However, the confidentiality/integ- 
rity processing unit 40 can include either of the confi- 
dentiality processing unit 420 and the integrity process- 
ing unit 430. When the confidentiality/integrity process- 
ing unit 40 Includes either of the confidentiality process- 
ing unit 420 and the integrity processing unit 430, the 
process of the other can be performed by the radio com- 
munication control unit 20. 

Embodiment 2. 

[0130] Fig. 9 shows another configuration of the mo- 
bile station (MS) 100. 

[0131] Different from the configuration of Fig. 3, in Fig. 
9, data is input/output between the tenninal IF unit 10 
and the confidentiality/integrity processing unit 40. And 
further, data is also input/output between the radio com- 
munication unit 30 and the confidentiality/integrity 
processing unit 40. In Fig. 9, non-transparent data 97 is 
non-transparent data such as packet data. Further, 
transparent data 95, 96 are transparent data such as 
speech data, unrestricted digital data. Transparent data 
means the data is not changed throughout input to out- 
put in any layers or sub-layers of the OS I reference lay- 
ers. Whereas, the non-transparent data means the data 
requires some data processing such as data format con- 
version through input to output in some layers or sub- 
layers of the OS I reference layers. For example, at an 
RLC (Radio Link Control) sub-layer of the layer 2, when 
SDU (Service Data Unit) and PDU (Protocol Data Unit) 
of data are different, the data is non-transparent data. 
When SDU and PDU of data at MAC (Media Access 
Control) sub-layer of the layer 2 are same, the data is 
transparent data. In case shown in Fig. 9, the transpar- 
ent data is, for example, speech data which can be 
transferred to the temiinal IF unit 10 without any 
processing on the data of the layer 1 input/output by the 
radio communication unit 30. On the other hand, the 
non-transparent data Is, for example, packet data which 
requires some processing on the data of layer 1 output 
from the radio communication unit 30. 
[0132] As mentioned above, the concrete examples 
of transparent data 95 and 98 in Fig. 9 are speech data 
and unrestricted digital data, each divided by transport 
block unit defined between layer 1 and layer 2. These 
transparent data divided by transports block unit equal 
to MACPDU (and MACSDU), and therefore each data 
of the transport block unit corresponds to the confiden- 
tiality processing unit. 

[0133] As data kinds such as speech data are user 



data which remains transparent in the RLC sub-layers, 
by implementing ARIB defined MT (Mobile Temiinal) - 
TA (Tamilnal Adaptor) l/F (Figs. 22, 23) as the serial In- 
terface for this transport model, it becomes possible to 

5 perform confidentiality processing on the MA-TA l/F se- 
rial formats without any conversion. 
[0134] Further, a concrete example of the non-trans- 
parent data 97 is, as described above, packet data or 
data for signaling, however, each data is divided into 

10 units (Transport Block) defined between the layers 1 and 
2. 

[01 35] The confidentiality/Integrity processing unit 40 
shown in Fig. 9 perfomns the confidentiality processing 
and the integrity processing selectively on the non- 

15 transparent data input/output from/to the radio commu- 
nication control unit 20, and at the same time, the con- 
fidentiality/integrity processing unit 40 always perfomns, 
for example, the confidentiality processing on the trans- 
parent data input/output between the terminal IF unit 10 

20 and the radio communication unit 30. The confidential- 
ity/integrity processing unit 40 does not perform the in- 
tegrity processing on the transparent data. If the trans- 
parent data includes data which does not require the 
confidentiality processing, the radio communication 

25 control unit 20 makes the transparent data which does 
not require the confidentiality processing not input to the 
confidentiality/integrity processing unit 40, but input to 
the radio communication control unit 20. Or it is possible 
to make the transparent data which does not require the 

30 confidentiality processing input to the confidentiality/in- 
tegrity processing unit 40, but not perform the confiden- 
tiality processing on the transparent data using the con- 
trol signal from the radio communication control unit 20. 
[0138] Fig. 1 0 shows a configuration of the confiden- 
ts tiality/integrity processing unit 40. 

[0137] Different from the configuration shown in Fig. 
5, Fig. 10 newly includes a confidentiality processing 
unit 460. The confidentiality processing unit 460 in- 
cludes an encrypting unit 462 and a decrypting unit 463. 

40 The encrypting unit 462 inputs the transparent data 95 
from the terminal IF unit 10, encrypts the input data to 
output to the radio communication unit 30 as the trans- 
parent data 96. On the other hand, the decrypting unit 
463 inputs the transparent data 96 from the radio com- 

45 munication unit 30, decrypts the input data to output to 
the tenninal IF unit 1 0 as the transparent data 95. These 
processes of the confidentiality processing unit 460 are 
perfomned based on the control signal 99 from the IF 
unit 41 0. The control signal 99 is derived from the control 

50 signal 91. Accordingly, the confidentiality processing 
unit 460 performs the confidentiality processing based 
on the control signal issued from the radio communica- 
tion control unit 20. In Fig. 10, the data 92 is input/output 
using the parallel interface through bus. On the other 

55 hand, the transparent data 95 and 96 are input/output 
to/from the confidentiality processing unit 460 through 
the serial interface. As explained above, Fig. 10 shows 
a case in which two systems of input/output interface, 



10 



19 



EP1 156 694 A1 



20 



that is, the parallel Interface and the serial interface are 
provided in the confidentiality/integrity processing unit 
40. 

[0138] Fig. 11 shows a configuration in which the con- 
fidentiaiity processing unit 460 is added to the conflden- s 
tiality/integrity processing unit 40 shown in Fig. 7. It is 
effective to have the configuration shown in Fig. 1 1 when 
the encrypting unit or the decrypting unit generates l<ey 
streams to be XORed with the serial data as shown In 
Fig. 12. 

[0139] As shown in Fig. 11, the transparent data 95 
and 96 are input/output fronn/to the confidentiality 
processing unit 460 through the serial Interface, and fur- 
ther, the serial data which is input/output through the se- 
rial interface includes multiplexed data of multiple chan- 
nels. For example, when data of channel 2 is input as 
serial data after data of channel 1 is Input, the encrypting 
unit 1 corresponding to the channel 1 generates a key 
stream to output to a multiplexer 481 , the encrypting unit 
2 corresponding to the channel 2 generates another key 
stream to output to the multiplexer 481 , and the multi- 
plexer 481 multiplexes these key streams Into fomnatthe 
same as the data system of the data 95. The multiplexed 
key stream and the data sequence of the input data 95 
are XORed by the XOR circuit 483. The confidentiality 
processing unit 460 perfomris the above operations 
based on the control signal 99, namely, the control sig- 
nal 91 supplied from the radio communication control 
unit 20. By using the configuration of Fig. 11 , the delay 
of the serial data is caused only by the operation of the 
XOR circuit 483, which enables the high speed process- 
ing. 

[0140] Fig. 13 shows another configuration In which 
the confidentiality processing unit 420 and the confiden- 
tiality processing unit 460 of Fig. 10 are combined Into 
one confidentiality processing unit 470. 
[0141] The confidentiality processing unit 470 proc- 
esses both of the data 92 input/output through the par- 
allel interface and the data 95, 96 Input/output through 
the serial interface. The confidentiality processing unit 
420 and the confidentiality processing unit 460 are unit- 
ed into the confidentiality processing unit 470, so that 
the hardware resource can be reduced. The confidenti- 
ality processing unit 470 switches the process for the 
transparent data and the process for the non-transpar- 
ent data based on the control signal 99, namely, the con- 
trol signal 99 output from the radio communication con- 
trol unit 20. 

[0142] The above confidentiality/integrity processing 
unit 40 can be configured by the hardware. Forexample, 
the configuration can be implemented by FPGA or cus- 
tom LSI. Further, the confidentiality/integrity processing 
unit 40 can be implemented by the software program. 
In case the confidentiality/integrity processing unit 40 is 
Implemented by the software program, CPU of the radio 
communication control unit 20 executes the software 
program. 

[0143] Further, the confidentiality/Integrity processing 



unit 40 can be implemented by a combination of the 
hardware and the software. For example, the confiden- 
tiality/integrity processing unit 40 can be implemented 
by DSP (Digital Signal Processor) and micro program 
or firmware program executed by the DSP. 
[0144] Hereinafter, a concrete example will be ex- 
plained with reference to Figs. 1 7 through 20. 
[0145] Fig. 17 shows a configuration of the encryption 
module 51 (or decryption module 71) used for the en- 
cryption/decrypting unit 421 . 

[0146] The encryption module 51 includes a key 
scheduler 51 1 and a data randomizing unit 51 2. The key 
scheduler 511 inputs one key K and generates n extend- 
ed keys ExtKI through ExtKn. The data randomizing 
unit 512 generates a random number using a function 
F and an XOR circuit. The function F inputs the extended 
key and perfomns non-linear data transformation. 
[0147] In the encryption module 51 , various block ci- 
pher algorithm can be employed such as: 

(1) DES (Data Encryption Standard); 

(2) MISTY, which is the block cipher algorithm dis- 
closed In the International Publication No. 
WO97/9705 (US Serial No. 08/83640); 

(3) KASUMI, which is the 64-bit block cipher tech- 
nique based on the above block cipher algorithm 
MISTY and is determined to be employed as Inter- 
national standard cipher for next generation cellular 
phone (IMT2000); and 

(4) Camellia, which Isthe block cipher algorithm dis- 
closed in the Japanese patent application No, 
2000-64614 (filed on March 9, 2000). 

Further, these block cipher algorithms such as DES, 
MISTY, KASUMI, and Camellia can be employed In the 

decryption module 71 . 

[01 48] Fig. 1 8 shows the implementation form of the 
confidentiality/integrity processing unit 40. 
[0149] Fig. 18 shows a case in which the confidenti- 
ality/integrity processing unit 40 is implemented inside 
FPGA, IC or LSI. Namely, the confidentiality/integrity 
processing unit 40 can be implemented by the hard- 
ware. Further, the confidentiality/integrity processing 
unit 40 can be also implemented by a print circuit board, 
which is not shown In the figure. 
[0150] Fig. 19 shows a case in which the confidenti- 
ality/integrity processing unit 40 is implemented by the 
software. 

[0151] The confidentiality/integrity processing unit 40 
can be implemented by a cipher program 47. The cipher 
program 47 is stored In a ROM (Read Only Memory) 42 
(an example of storage). The cipher program 47 can be 
stored in a RAM (Random Access Memory) or another 
storage such as a flexible disk or a fixed disk. Further, 
the cipher program 47 can be downloaded from a server 
computer. The cipher program 47 is functioned as a sub- 
routine. The cipher program 47 is called for subroutine 
execution from an application program 46 stored In the 
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RAM 45 as a subroutine call. In another way. the cipher 
program 47 can be activated by generation of an inter- 
rupt received at an interrupt control unit 43. A memory 
55 can be a part of the RAM 45. The application program 
46 and the cipher program 47 are programs executed 5 
by the CPU 41 . 

[01 52] Fig. 20 shows mechanism for calling the cipher 
program 47 by the application program 46 which Is op- 
erated on the radio communication control unit 20. 
[0153] The application program 46 calls the cipher io 
program 47 using parameters of a key K, an initial value 
IV, plaintext data M, and ciphertext data C. The cipher 
program 47 Inputs the l<ey K, the initial value IV, and the 
plaintext data M and returns the ciphertext data C. If the 
cipher program 47 and the decryption program are the is 
same, the cipher program 47 Is called using parameters 
of the key K, the initial value IV, the ciphertext data C, 
and the plaintext data M. 

[0154] Further, the cipher program 47 can be imple- 
mented by a digital signal processor and a program read 20 
and executed by the digital signal processor, though 
which is not shown in the figure. Namely, the cipher pro- 
gram 47 can be implemented by combination of the 
hardware and the software. 

[0155] The above explanation referring to Figs, 18, 25 
19, and 20 applies to the encryption, however, the de- 
cryption can be implemented in the same way. 
[0156] The encryption system or the decryption sys- 
tem can be Installed to an electronic devices. The sys- 
tem can be Installed in all kinds of electronic devices, 30 
for example, a personal computer, facsimile machine, a 
cellular phone, a video camera, a digital camera, or a 
TV camera. In particular, the feature of the embodiment 
can be accomplished effectively when the data from 
multiple channels Is encrypted/decrypted. Or the imple- 55 
mentation of the embodiment can be effective In case 
where data is received at random from multiple users 
and decrypted, or data for multiple users is generated 
at random and respectively encrypted in real time. 
Namely, the encryption/decryption of the above embod- 40 
iment can be extremely effective when the number of 
apparatuses for encryption/decryption is small com- 
pared with the number of data kinds to be encrypted/ 
decrypted. For example, the encryption/decryption of 
the above embodiment is highly effective when applied 45 
to a server computer which has to support many client 
computers or a base station or a line control unit which 
has to collect and distribute data fronn/to many cellular 
phones. 

[0157] In the above example, the radio communica- so 
tlon control unit 20 and the confidentiality/integrity 
processing unit 40 are connected with the parallel inter- 
face through the bus, however, the serial interface can 
be used for connecting the radio communication control 
unit 20 and the confidentiality/integrity processing unit 55 
40. Further, in the above explanation, the terminal IF unit 
10 and the confidentiality/integrity processing unit 40, 
the 30 and the confidentiality/integrity processing unit 



40 are connected with the serial interface, however, the 
parallel interface can be used for processing at a higher 
speed instead of the serial Interface. 
[0158] In case of Figs. 9 and 10, the confidentiality 
processing unit 460 is provided inside the confidentiali- 
ty/Integrity processing unit 40, however the confidenti- 
ality processing unit 460 can be provided Independently 
from the confidentiality/integrity processing unit 40, and 
the confidentiality processing unit 460 can be placed be- 
tween the temninal IF unit 10 and the radio communica- 
tion unit 30. 

Industrial Applicability 

[01 59] As mentioned above, this implementation em- 
bodiment enables confidentiality/integrity processing in 
layer 2 or upper layers so that confidentiality processing 
is not perfonned in layer 1 , therefore making It possible 
to determine the necessity of confidentiality/integrity 
processing based on data kinds. 
[0160] For example, only confidentiality processing is 
performed on the transparent data, and both the confi- 
dentiality processing and the integrity processing are 
performed on the non-transparent data. In another way, 
it becomes possible to select to perform or not the con- 
fidentiality processing and the integrity processing In 
case of processing the non-transparent data. 
[0161] Further, according to the above embodiment, 
multiple confidentiality processing units and multiple in- 
tegrity processing units are provided Inside the confi- 
dentiality/integrity processing unit according to the 
number of channels or the amount of the data, enabling 
high speed data processing by the simultaneous parallel 
processing. 



Claims 

1 . A radio communication apparatus comprising: 

a terminal interface unit for inputting data; 
a radio communication control unit for inputting 
the data input by the terminal interface unit, for 
processing the data based on protocol, and out- 
putting the data; 

a confidentiality/integrity processing unit for in- 
putting a control signal and data from the radio 
communication control unit, perfonning at least 
one of encryption of the data as confidentiality 
processing and generation of a message au- 
thentication code for detecting tampered data 
as Integrity processing on the data input, and 
outputting the data processed to the radio com- 
munication control unit; and 
a radio communication unit for inputting, mod- 
ulating, and sending the data output from the 
radio communication control unit. 
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2. The radio communication apparatus of claim 1 , 

wherein the confidentiality/integrity processing 
unit inputs the control signal from the radio 
communication control unit and selectively in- 5 
puts the data from the temiinal interface unit 
based on the control signal input, and 
wherein the confidentiality/integrity processing 
unit performs confidentiality processing on the 
data input and outputs the data which has been io 
performed confidentiality processing to the ra- 
dio communication unit. 

3. The radio communication apparatus of claim 2, 

15 

wherein the terminal interface unit outputs 
transparent data and non-transparent data, 
and 

wherein the radio communication control unit 
inputs the non-transparent data from the termi- 20 
nal interface unit, makes the confidentiality/in- 
tegrity processing unit process the non-trans- 
parent data based on protocol, and 
wherein the radio communication control unit 
controls the transparent data to be transferred 25 
from the terminal interface unit to the confiden- 
tiality/integrity processing unit to perform the 
confidentiality processing. 

4. The radio communication apparatus of claim 1, 30 
wherein the confidentiality/integrity processing unit 

is connected to the radio communication control 
unit via parallel interface. 

5. The radio communication apparatus of claim 1, 35 
wherein the confidentiality/integrity processing unit 

is connected to the terminal interface unit with serial 
interface and connected to the radio communica- 
tion unit with serial interface. 

40 

6. The radio communication apparatus of claim 1, 
wherein the confidentiality/integrity processing unit 
further includes: 

a confidentiality processing unit Including an 45 
encrypting unit for encrypting the data input; 

and 

an Integrity processing unit having a message 
authentication code appending unit for append- 
ing a message authentication code to the data so 
input. 

7. The radio communication apparatus of claim 6, 
wherein the confidentiality/integrity processing unit 
includes multiple encrypting units. 55 

8. The radio communication apparatus of claim 6, 
wherein the confidentiality/integrity processing unit 



includes multiple message authentication code ap- 
pending units. 

9. The radio communication apparatus of claim 6, 
wherein the confidentiality processing unit and the 
integrity processing unit fomri one module which in- 
puts the control signal and the data from the radio 
communication control unit, and the module per- 
fonms at least one of the confidentiality processing 
and the integrity processing on the data input based 
on the control signal input. 

10. A radio communication apparatus comprising: 

a radio communication unit for receiving and 
demodulating data; 

a radio communication control unit for inputting 
data demodulated by the radio communication 
unit, processing the data based on protocol, 
and outputting the data processed; 
a confidentiality/integrity processing unit for in- 
putting a control signal and the data from the 
radio communication control unit, based on the 
control signal input performing at least one of 
confidentiality processing of decryping the data 
and integrity processing of detecting tampered 
data, and outputting the data processed to the 
radio communication control unit; 
a temninal interface unit for inputting the data 
processed from the radio communication con- 
trol unit and outputting the data. 

11. The radio communication apparatus of claim 10, 

wherein the confidentiality/integrity processing 
unit inputs the control signal from the radio 
communication control unit and selectively in- 
puts the data from the radio communication unit 
based on the control signal input, and 
wherein the confidentiality/integrity processing 
unit performs the confidentiality processing on 
the data input and outputs the data processed 
to the terminal interface unit. 

12. The radio communication apparatus of claim 11 , 

wherein the radio communication unit outputs 
transparent data and non-transparent data, 
wherein the radio communication control unit 
inputs the non-transparent data from the radio 
communication unit and makes the confidenti- 
ality/Integrity processing unit process the non- 
transparent data based on protocol, and 
wherein the radio communication control unit 
controls the transparent data to be transferred 
from the radio communication unit to the confi- 
dentiality/integrity processing unit to perfomn 
the confidentiality processing. 
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13. The radio communication apparatus of claim 10, 
wherein the confidentiality/integrity processing unit 
is connected to the radio communication control 
unit with a parallel interface. 

5 

14. The radio communication apparatus of claim 11, 
wherein the confidentiality/integrity processing unit 
is connected to the terminal interface unit with a se- 
rial interface, and connected to the radio communi- 
cation unit with a serial interface. io 

15. The radio communication apparatus of claim 10, 
wherein the confidentiality/Integrity processing unit 
includes: 

15 

a confidentiality processing unit having a de- 
crypting unit for decrypting the data input; and 
an integrity processing unit having an integrity 
verification unit for verifying an integrity of the 
data input using a message authentication 20 
code appended to the data input. 

16. The radio communication apparatus of claim 15, 
wherein the confidentiality processing unit Includes 
multiple decrypting units. 25 

17. The radio communication apparatus of claim 15, 
wherein the integrity processing unit includes mul- 
tiple integrity verification units. 

30 

18. The radio communication apparatus of claim 15, 
wherein the confidentiality processing unit and the 
Integrity processing unit form one module which in- 
puts the control signal and the data from the radio 
communication control unit^ and wherein the mod- 35 
ule, based on the control signal input, perfonns at 
least one of processes of the confidentiality 
processing unit and the integrity processing unit on 

the data input. 

40 

19. A radio communication apparatus for wireless data 
communication comprising: 

a terminal interface unit for data Input/output; 

a radio communication control unit for process- 45 

ing the data based on protocol; 

a radio communication unit for wireless data 

communication; and 

a confidentiality/integrity processing unit, pro- 
vided among the terminal interface unit, the ra- so 
dio communication control unit, and the radio 
communication unit, which performs at least 
one of confidentiality processing for encrypting/ 
decrypting data and integrity processing for de- 
tecting tampered data on the data input/output 55 
from/to the radio communication control unit, 
encrypts the data from the terminal Interface 
unit to the radio communication unit, and de- 



crypts the data from the radio communication 
unit to the temnlnal interface unit. 

20. The radio communication apparatus of claim 19, 
wherein the confidentiality/integrity processing unit 
includes a confidentiality processing unit for per- 
forming a confidentiality processing on the data in- 
put, and an integrity processing unit for perfomning 
an integrity processing on the data input, separate- 
ly. 

21. The radio communication apparatus of claim 19, 
wherein the confidentiality processing unit sepa- 
rately includes an encrypting unit for encrypting the 
data from the tenninal interface unit to the radio 
communication unit, and a decrypting unit for de- 
crypting the data from the radio communication unit 
to the temninal interface unit. 

22. The radio communication apparatus of claim 19, 
wherein the integrity processing unit separately in- 
cludes a message authentication code appending 
unit for appending a message authentication code 
to the data input for performing an integrity process- 
ing, and an integrity verification unit for verifying an 
integrity of the data input using the message au- 
thentication code appended to the data input. 

23. The radio communication apparatus of claim 19, 
wherein the communication apparatus Is a portable 
mobile phone. 

24. The radio communication apparatus of claim 6, 
wherein the confidentiality processing unit and the 
integrity processing unit employ same encryption 
algorithm. 

25. The radio communication apparatus of claim 15, 
wherein the confidentiality processing unit and the 
integrity processing unit employ same encryption 
algorithm. 

26. The radio communication apparatus of claim 20, 
wherein the confidentiality processing unit and the 
integrity processing unit employ same encryption 
algorithm. 

27. The radio communication apparatus of claim 1, 
wherein the communication apparatus is a cellular 
phone. 

28. The radio communication apparatus of claim 10, 
wherein the radio communication apparatus is a 
cellular phone. 

29. The radio communication apparatus of claim 19, 
wherein the communication apparatus is a cellular 
phone. 
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30. The radio communication apparatus of claim 1, 
wherein the radio communication apparatus is a ra- 
dio station for sending/receiving data to/from a mo- 
bile station. 

5 

31. The radio communication apparatus of cialm 10, 
wherein the radio communication apparatus is a ra- 
dio station for sending/receiving data to/from a mo- 
biie station. 

10 

32. The radio communication apparatus of claim 19, 
wherein the radio communication apparatus is a ra- 
dio station for sending/receiving data to/from a mo- 
bile station. 

15 

33. The radio communication apparatus of claim 30, 
wherein the radio station is either of a base trans- 
ceiver station and a radio network controlier. 

34. The radio communication apparatus of claim 31, 20 
wherein the radio station is either of a base trans- 
ceiver station and a radio networl< controller. 

35. The radio communication apparatus of claim 32, 
wherein the radio station is either of a base trans- 
celver station and a radio network controller. 

36. A radio communication method comprising: 



control signal input performing at least one of 
confidentiality processing of decrypting the da- 
ta and integrity processing of detecting tam- 
pered data, and outputting the data processed 
to the radio communication control step; and 
a temnlnal interface step for inputting the data 
processed from the radio communication con- 
trol step and outputting the data. 

38. A radio communication method for wireless data 
communication comprising: 

a temriinal Interface step for data Input/output; 
a radio communication control step for data 
processing based on protocol; 
a radio communication step for wireless data 
communication; and 

a confidentiality/integrity processing step, pro- 
vided among the tenninal interface step, the ra- 
dio communication control step, and the radio 
communication step, and which performs at 
least one of confidentiality processing for en- 
crypting/decrypting data and integrity process- 
ing for detecting tampered data on the data in- 
put/output from/to the radio communication 
control step, encrypts the data transferred from 
the terminal interface step to the radio commu- 
nication step, and decrypts the data transferred 
from the radio communication step to the ter- 
minal interface step. 



a terminal Interface step for inputting data; so 
a radio communication control step for inputting 
the data input by the terminal interface step and 
for processing the data based on protocol and 
outputting the data; 

a confidentiality/integrity processing step for in- 35 
putting a control signal and data from the radio 
communication step, performing at least one of 
encryption of the data as confidentiality 
processing and generation of a message au- 
thentication code for detecting tampered data 40 
as integrity processing on the data input, and 
outputting the data processed to the radio com- 
munication control step; and 
a radio communication step for inputting, mod- 
ulating, and sending the data output from the 
radio communication control step. 

37. A radio communication method comprising: 

a radio communication step for receiving and so 
demodulating data; 

a radio communication control step for inputting 
data demodulated by the radio communication 
step, processing the data based on protocol, 
and outputting the data processed; ss 
a confidentiality/integrity processing step for in- 
putting a control signal and the data from the 
radio communication control step, based on the 
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